4abf531523c834cb326de7b63dbd1025 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4abf531523c834cb326de7b63dbd1025
Size

312KB
MD5

4abf531523c834cb326de7b63dbd1025
SHA1

55d0cfb281d4f9ec3fef07935e12d0e2d0dd72ae
SHA256

32a6faae1a5ddd390d38dbe505d537ea4fa8d244df4f7c992715b2198cf3564d
SHA512

0c4fe5e26ff04c1e6cbffa3c112da683fdaa3a81ba94df8b51a2e38997bb920b2c9f66598a4cbfdac992850aec8c0b1d5fbb516c37ffac2ebabeb5186319b545
SSDEEP

6144:O4YXmx9aB4OZpgYL9nOBMHZaUfWcCu8ngAwdnlC:N5xtqicOeaoQMy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4abf531523c834cb326de7b63dbd1025

Files

4abf531523c834cb326de7b63dbd1025
.exe windows:4 windows x86 arch:x86

28b0b312f0f0bd95b4c7ace7a4eadf3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCompressedFileSizeA
GetACP
FreeEnvironmentStringsA
HeapCreate
VirtualProtect
RaiseException
GetSystemDirectoryA
IsDebuggerPresent
SetEvent
FlushFileBuffers
GetStdHandle
GetModuleHandleA
GetCurrentProcess
OpenMutexA
GetCurrentProcessId
ReadConsoleA
InterlockedExchange
GlobalFree
GetLocaleInfoA
GetCurrentThread

user32

FrameRect
ShowWindow
GetDlgItem
GetCursorPos
ValidateRgn
SetForegroundWindow
EndPaint
SetActiveWindow
FillRect
DrawTextA
GetClassNameA
wsprintfA
GetWindow
GetFocus
GetWindowTextA
BeginPaint
ReleaseDC
IsIconic
GetParent

linkinfo

CreateLinkInfoA
ResolveLinkInfoA
GetLinkInfoData
DestroyLinkInfo
IsValidLinkInfo

rtutils

LogErrorA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ